TY - GEN
T1 - Rocky
T2 - 37th Annual Computer Security Applications Conference, ACSAC 2021
AU - Kim, Beom Heyn
AU - Kim, Hyoungshick
N1 - Publisher Copyright:
© 2021 Association for Computing Machinery.
PY - 2021/12/6
Y1 - 2021/12/6
N2 - Recently, edge-based virtual desktop infrastructure (EdgeVDI), which brings the power of virtualized desktop infrastructure to cloudlets closer to users, has been considered as an attractive solution for WAN mobility. However, ransomware and wiper malware are becoming more and more prevalent, which can impose serious cybersecurity threats to EdgeVDI users. Existing tamper-resistant solutions cannot deal with cloudlet failures. In this paper, we propose Rocky, the first distributed replicated block device for EdgeVDI that can recover from tampering attacks and failures. The key enabler is replicating to store a consistent write sequence across cloudlets as an append-only immutable mutation history. In addition, Rocky uses a replication broker to allow heterogeneous cloudlets to control replication rates at their pace and reduces both disk space and network bandwidth consumption by coalescing writes for both uplink and downlink. To show the feasibility of Rocky, we implemented Rocky in Java. The experimental results show that Rocky's write and read throughputs are similar to those of a baseline device with 8.4% and 11.9% additional overheads, respectively. In addition, we could reduce repeated writes by 88.5% and 100% for editing presentation slides and a photo, respectively.
KW - Block device
KW - Data recovery
KW - Edge computing
KW - Replication
KW - VDI
UR - https://www.scopus.com/pages/publications/85121581932
U2 - 10.1145/3485832.3485886
DO - 10.1145/3485832.3485886
M3 - Conference contribution
AN - SCOPUS:85121581932
T3 - ACM International Conference Proceeding Series
SP - 285
EP - 296
BT - Proceedings - 37th Annual Computer Security Applications Conference, ACSAC 2021
PB - Association for Computing Machinery
Y2 - 6 December 2021 through 10 December 2021
ER -